Setting up kerberos
32 views
Skip to first unread message
Mauricio Tavares
May 7, 2018, 10:22:26 PM5/7/18
to ansible...@googlegroups.com
I must be looking at the wrong places. I would like to see an
example of setting up kerberos using a task file, but all I find is
how to make ansible authenticate using kerberos. Suggestions?
example of setting up kerberos using a task file, but all I find is
how to make ansible authenticate using kerberos. Suggestions?
Jordan Borean
May 7, 2018, 10:26:32 PM5/7/18
to Ansible Project
This is a very vague question, what exactly are you wanting to do when you say "setting up kerberos" and someone might be able to help.
Michael Pechner
May 7, 2018, 11:57:47 PM5/7/18
to ansible...@googlegroups.com
Are you looking to setup a KDC?
Install client packages?
Setup the config files?
On Mon, May 7, 2018 at 7:26 PM, Jordan Borean <jbor...@gmail.com> wrote:
This is a very vague question, what exactly are you wanting to do when you say "setting up kerberos" and someone might be able to help.
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/7b86018c-3c9f-419d-a9fa-5133681ef7d6%40googlegroups.com.
Mauricio Tavares
May 12, 2018, 9:09:14 PM5/12/18
to ansible...@googlegroups.com
On Mon, May 7, 2018 at 11:57 PM, Michael Pechner <mpec...@gmail.com> wrote:
> Are you looking to setup a KDC?
> Install client packages?
> Setup the config files?
>
Oops. I meant deploy a client from package to config.
> Are you looking to setup a KDC?
> Install client packages?
> Setup the config files?
>
> On Mon, May 7, 2018 at 7:26 PM, Jordan Borean <jbor...@gmail.com> wrote:
>>
>> This is a very vague question, what exactly are you wanting to do when you
>> say "setting up kerberos" and someone might be able to help.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> To post to this group, send email to ansible...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/7b86018c-3c9f-419d-a9fa-5133681ef7d6%40googlegroups.com.
>>
>> For more options, visit https://groups.google.com/d/optout.
>
>
>
>
> --
> Michael Pechner
> NE6RD - Amateur Extra
> mi...@mikey.com
>
>> https://groups.google.com/d/msgid/ansible-project/7b86018c-3c9f-419d-a9fa-5133681ef7d6%40googlegroups.com.
>>
>> For more options, visit https://groups.google.com/d/optout.
>
>
>
>
> --
> Michael Pechner
> NE6RD - Amateur Extra
> mi...@mikey.com
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> To post to this group, send email to ansible...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAEX4J6w-QYy_2600oir-a9o0buFOfOqCQ3dUUQNU8mr-HS1PdQ%40mail.gmail.com.
Mauricio Tavares
May 12, 2018, 9:37:35 PM5/12/18
to ansible...@googlegroups.com
On Sat, May 12, 2018 at 9:08 PM, Mauricio Tavares <raub...@gmail.com> wrote:
> On Mon, May 7, 2018 at 11:57 PM, Michael Pechner <mpec...@gmail.com> wrote:
>> Are you looking to setup a KDC?
>> Install client packages?
>> Setup the config files?
>>
>
> Oops. I meant deploy a client from package to config.
>
Let me elaborate: I think getting the packages for centos would
> On Mon, May 7, 2018 at 11:57 PM, Michael Pechner <mpec...@gmail.com> wrote:
>> Are you looking to setup a KDC?
>> Install client packages?
>> Setup the config files?
>>
>
> Oops. I meant deploy a client from package to config.
>
go something like this
- name: Install kerberos
yum:
name: {{ item }}
update_cache: yes
state: latest
with_items:
- krb5-workstation
- krb5-libs
- krb5-auth-dialog
Then we have the client config side of the show
Jordan Borean
May 14, 2018, 12:01:27 AM5/14/18
to Ansible Project
I've created a role that can do what you are looking for but it includes things outside of Kerberos and more specific for that task at hand https://github.com/jborean93/ansible-windows/tree/master/vagrant-linux/roles/kerberos. What you really need is 2 tasks;
- Install the kerb/gssapi packages using the package tool you require (yum/apt/dnf...)
- Template out a copy of the krb5.conf file with the configuration on your environment
The 1st step is easy, the 2nd step is really up to what your krb5.conf file looks like. The documentation around this file and what each option/section does can be found here https://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html.
Thanks
Jordan
Reply all
Reply to author
Forward
0 new messages